Apple iMac G5: New Look & Design

[russ_watters]

Yes, this I can relate to.
But, this is also true for Linux. Who makes email-viruses for Linux?
I can appreciate the fact that 90% of the world uses Windows, thus anything not Windows has security trough obscurity. I think it's a pretty strange statement, but I can see how someone might assert this.

BUT, when you try to put Linux in the same group as Windows, leaving out the BSD's and OS X, you would be way of base IMO.

I didn't say anything about Linux. My point was simply Windows vs everything else.

Further evidence of this is the type of viruses out there: the vast majority are macro viruses. Any freshman CompSci student can write one and any 16 year old geek can modify one that already exists. They are the virus of choice these days simply because they are easy to write.

And the vulnerability macro viruses exploit is two-fold: the first is human trust and no patch can fix that. Even after all the email attachment viruses of the past 2 years, people in my office still open attachments without knowing who they are from. The second is the functionality of Windows and that's an issue with MS (on purpose or not) sacrificing safety for functionality. No need to look for a back-door when the front door is already wide-open.

 

[Anttech]

"you are applying the phrase to a market share but you seem to think that Linux is not part of this criticism"

I am not applying comments about markets shares, I am applying comments about documentation... OSX does not have any where near the amount of security documentation than LINUX (yes I said it) and Windows...

OSX is NOT Linux it is NOT BSD... It may have components of BSD at lower levels, HOWEVER viruses/Worms/Vulnerabilities/Trojans etc etc are NOT always written at that lower level are they? OSX IS just as vulnerable as the next to buffer overflow problems. You do understand the layered architecture of an OS, don’t you?…Well Just because the kernel is BSD.. Does not mean that it cannt have OTHER security vulnerabilities that BSD does not have, for example between the GUI and the kernel layer, or the User layer and the Kernel layer… whatever!

Now... I will come to the point of "Security through obscurity" OSX as we all know is not a default target for crackers... It has not been completely tested, we do not know enough about all the nooks and crannies of this complete OS... Do we? So 'in theory' it is there could be many holes, and to add to this Apple do NOT like to talk about security... Apple do NOT make it an objective of there’s to educate users regarding possible, theoretical or not, security vulnerabilities...

Tell me this, why don't the 3 letter agencies and governments of the world host there Mission critical applications and confidential Data on OSX? Because of this very reason... It has not been tested enough, it is just not mature enough... You could conclude that a serious cracker (not just a script kiddie with some tools)could find vulnerabilities in the OS (possibly easily.. We just don't know), and exploit the system, at what ever layer you want... I would say until it has been tested enough as its entirety and apple start (or keen Mac users, and we all know how zealous some Mac users are don’t we :-D ) creating documentation on OSX security it is "secured through obscurity" IMHO

 

[ComputerGeek]

OSX does not have any where near the amount of security documentation than LINUX (yes I said it) and Windows...

OSX is NOT Linux it is NOT BSD... It may have components of BSD at lower levels, HOWEVER viruses/Worms/Vulnerabilities/Trojans etc etc are NOT always written at that lower level are they? OSX IS just as vulnerable as the next to buffer overflow problems.

Lower levels? you mean the Command line interface? that is still user land bucko. that is not low level.

if you are referring to the fact that the windowing system is not as tested as windows or X11 in a secure environment, I would ask you to point to one instance where the windowing system was the place that was rooted, attacked by a worm to gain access to the administrator privileges, etc. viruses and trojans cannot be kept at bay because they attack from asocial engineering aspect and rely on morons. but the extent of the damage, like on any Unix Derived OS will remain in the user account who activated the code. other than the windowing system, OS X is supported by a fully Open SOurce system.

Well Just because the kernel is BSD.. Does not mean that it cannt have OTHER security vulnerabilities that BSD does not have, for example between the GUI and the kernel layer, or the User layer and the Kernel layer… whatever!

first off, it is a mach micro kernel with BSD services. everything but the bare essentials is in user land, unlike Windows whose developers thought it was smart to put the Browser in the kernel space. second off, the GUI layer is the user layer. there is kernel space and user space. unless you are a device manager, Memory manager process manager or file system manager, you are not welcome to the kernel party and you have to live in user space.

Now... I will come to the point of "Security through obscurity" OSX as we all know is not a default target for crackers... It has not been completely tested, we do not know enough about all the nooks and crannies of this complete OS... Do we? So 'in theory' it is there could be many holes, and to add to this Apple do NOT like to talk about security... Apple do NOT make it an objective of there’s to educate users regarding possible, theoretical or not, security vulnerabilities...

they don't like to talk about security? hmm, seems to me that apple releases security patches as soon as they are available, unlike the civ that is Microsoft windows whose parent company releases once a month if they get to it. what it is 35 vulnerabilities in IE still, and that is not counting the fact that active X controls run as administrator giving any website the ability to infect your computer with a worm or virus just from visiting the site...one would even say that Spyware and adware that is drive by downloaded and installed without the user's knowledge is in fact a virus.

Tell me this, why don't the 3 letter agencies and governments of the world host there Mission critical applications and confidential Data on OSX?

easy...because their data is stored on huge databases and mainframes that are more than 10 years old...20 in some cases and the upgrade costs are ridiculous for even the most modest solution.
it has nothing to do with the security of the systems...if it did, Windows would not be sitting on any of the desktops and SELinux would be the only thing allowed to run, that or Trusted Solaris.

a serious cracker (not just a script kiddie with some tools)could find vulnerabilities in the OS (possibly easily.. We just don't know), and exploit the system, at what ever layer you want...

yeah, and it is easier to do on a windows system. those critical systems are behind 10 diffrent firewalls and shadow servers. could a cracker still get in? hell yes, but ti would be hard as hell and they would get caught. it doe snot matter what OS you run, a cracker can get in because of the tools he/she employes. crackers are not stupid. you think that they would even try to root force into a government network? that is just stupid to try and a waste of time. there are more productive ways to gain access.

I would say until it has been tested enough as its entirety and apple start (or keen Mac users, and we all know how zealous some Mac users are don’t we :-D ) creating documentation on OSX security it is "secured through obscurity" IMHO

you are basing your conclusion on the windowing system which is a system that is least likely to give root access to anything. could there be buffer over flow problems? sure, but if they are UI based the user would have to be sitting at the machine to exploit them, and in a secure environment, it is kinda hard to get into do such activities.

I would also like to add that windows does not have documentation, they have a track record. that track record says "stay away from me and use something more secure like OpenBSD"

 

[Anttech]

"one would even say that Spyware and adware that is drive by downloaded and installed without the user's knowledge is in fact a virus." no its called a trojan

"easy...because their data is stored on huge databases and mainframes that are more than 10 years old...20 in some cases and the upgrade costs are ridiculous for even the most modest solution."

--So you are saying they would choose apple mac if they were to move to another platform... Give me a break

I was not making this a windows versus apple war... For some reason you seem to think I use windows... That is your problem! I was merly making comments regarding apple OSX and the "culture" of apple...

The way you are talking you would think that OSX is more secure than the bank of England... This is SO UTTERLY PRESUPTIOUS of you...

"yeah, and it is easier to do on a windows system. those critical systems are behind 10 diffrent firewalls and shadow servers. could a cracker still get in? hell yes, but ti would be hard as hell and they would get caught. it doe snot matter what OS you run, a cracker can get in because of the tools he/she employes. crackers are not stupid. you think that they would even try to root force into a government network? that is just stupid to try and a waste of time. there are more productive ways to gain access."

How the hell do you know! Give me some references to your statements...

I work for a corporate company, looking after Firewalls and Router Switchs AAA IDS DMZs Content switchs etc etc... I would love to post the amount of scans we get per day, and the amount of people who try to crack our network everyday!
Do you not think that a serious cracker would love to get entry into a government database... You are misslead!

"stay away from me and use something more secure like OpenBSD" I aggree with this... But OSX is not *BSD it is NOT *nix

Do you know that completely secure protocol called IPsec... The one after some analyis was found to have many flaws! Well Ipsec was secure through obsecurity until it was analys and the netBSD team found flaws... Well same goes for Apple OSX... you can't think that there team of programers are Utra clinical and have never made and never will make any mistakes because well, its not windows it Apple... that seems to be you line of thought

"you are basing your conclusion on the windowing system which is a system that is least likely to give root access to anything."

You obviuosly can't read...

 

[Sirus]

Guys...this is not about the iMac G5...